Senior Strategic Risk Manager - Infrastructure

The Apple Services Engineering Security team builds and provides secure systems and infrastructure that fuel Apple's services (such as iCloud, iTunes, Siri, App Store, and Maps). As part of the ASE Security team, you will help manage the security needs of Apple's services around the world. You will build and integrate the security controls, guardrails, and frameworks that help protect our customers data in Apple's infrastructure. Your work will help build solutions to a variety of outstanding security risks to Apple systems and data. Join us, and you'll play a meaningful role in ensuring the highest standard of security for one of the most-watched companies in the world.

Description

In this role, you will work with highly skilled security professionals passionate about identifying, assessing, and mitigating security risks. This role is central to the controls that protect Apple's customers, data, and brand. You'll have the opportunity to design security processes and technology with a truly global impact. Combining aspects of solutions engineering, design review, architecture, analysis and technical program management you will help identify and surface risks, and then help develop short and long term roadmaps to address it. You will play a hands on role in ensuring that programs are reviewed, adjusted, implemented and tested appropriately.

Responsibilities:

Help define a strategy and vision for uplifting security in critical services

Lead discovery conversations to understand architecture, current security posture, and blockers to adoption

Measure and communicate risks to leaders and stakeholders

Develop and implement AI technologies to manage risk

Perform post-incident reviews

Research and identify emerging technologies, threats, and vulnerabilities to proactively define security requirements and controls before they reach production.

Preferred Qualifications

Experience evaluating and building threat models for complex services

Experience applying AI/ML techniques to analyze CVEs and prioritize high-risk vulnerabilities.

Experience working with data engineers to define metrics and interpret results from detection and risk models.

Knowledge of authentication mechanisms, including OAuth, SAML, and other identity management protocols

Minimum Qualifications

BS in Computer Science, Computer Engineering, or Information Security, or 5+ years of equivalent hands-on experience

Knowledge of security architecture and secure design principles

Demonstrated ability to design, document, and implement new security processes.

Experience conducting security assessments of complex distributed systems, cloud-native applications, and large-scale infrastructure

An understanding of past, current, and emerging security exploit trends

Understanding of exploit development and conditions required to trigger different vulnerability types

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $171,600 and $302,200, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.